The critical security patches
Serious vulnerabilities have been discovered in Cisco Small Business VPN routers, which may be exploited by a remote attacker to install malware and crash the device.
These vulnerabilities exists in the web-based administration interface of the Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers that are running a firmware versions older than the version 1.0.03.22.
Tracked as CVE-2021-1609 with a CVSS score of 9.8, and CVE-2021-1610 with CVSS score of 7.2, both flaws come from inadequate validation of HTTP requests, which enables attackers to construct a malicious HTTP request and send it to a vulnerable device.
As per what has been revealed in Cisco’s report, an unauthenticated, remote attacker may exploit CVE-2021-1609 to force the device to reload, resulting in a Denial of Service attack, or run an arbitrary code without any restrictions. Successful exploitation of CVE-2021-1610, which represents a command injection flaw, may enable an attacker to remotely execute arbitrary commands with root privileges on a device impacted by the vulnerability.
Another severe vulnerability, tracked as CVE-2016-1732, that Cisco identified in Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers has received a patch. As per the reports, a remote attacker could exploit this flaw to run arbitrary commands on the operating system of an affected device without being authenticated. Routers running versions older than 1.0.01.04 in the Small Business RV Series are vulnerable to this flaw.
The CVE-2016-1732 vulnerability is caused by the lack of input validation on the user side. If an attacker decides to exploit this vulnerability he may gain administrator-level rights on the infected device, and perform arbitrary operations as the root user.
The good news is that, according to Cisco, there has been no indication of current exploitation attempts aimed at these vulnerabilities. Therefore, the users who quickly apply the latest patches have a high chance to effectively mitigate any potential attacks.